Beyond compliance: Exchanging information with Integrity and Quality Proprietary and Confidential by Unitech Systems Inc. All rights reserved.


Slide 2: Agenda
- Regulatory Environment
- Enterprise Information Model
- Compliance through quality and integrity
- Key Benefits

Slide 3: Agenda
- Regulatory Environment
- Enterprise Information Model
- Compliance through quality and integrity
- Key Benefits

Slide 4: Regulatory Environment Timeline
- Basel I (1988)
- Data Protection Act (1998)
- IASB (2001)
- Sarbanes Oxley (2002)
- HIPAA
- Cromme Code (2002/2003) for Germany
- UK Companies Bill (2002/2003)
- Basel II (2004)
- IAS/IFRS (2005)
- Basel III (2008)?
- …
[Ref: Gartner, 2004, BMC Inc]

Slide 5: Basel II

Slide 6: Operational Risk
- The risk of loss resulting from inadequate or failed internal processes, people, and systems, or from external events.
- 30 banks had reported total operational losses of around 2.6 billion euros.
Ref: BIS, “Quantitative Impact Study”, 2002; Rick Harris, “Domestic regulatory approaches to operational risk”, 2002

Slide 7: Where is the error?
The most likely and the most costly operational-risk-prone events were in process management.
[Ref: Risk Management Group, The quantitative impact study for operational risk: Overview of individual loss data and lessons learned. Report to Basel Committee on Banking Supervision, Bank for International Settlements, (January)]
- Process variation
- Lack of Information Integrity

Slide 8: How to Minimize Operational Risk
- You need a management system foundation to contain all of your risk-prone areas.
- You need a methodology that accommodates root cause analysis, gap remediation, and internal control profiling.
- You need an information integrity framework to assure the dependability of information flows and process efficiency.

Slide 9: Agenda
- Corporate Governance & Regulatory Environment
- Enterprise Information Model
- Compliance through quality and integrity
- Key Benefits

Slide 10: A Comprehensive EIM
- Any Enterprise Information Model (EIM) is a comprehensive framework for identifying focal business processes for integrity evaluation.
- The four quadrants can be populated with issues and processes representing every aspect of enterprise operations.

Slide 11: What is Information Integrity?
Information Integrity (I*I) is the trustworthiness or dependability of information as defined by the accuracy, consistency & reliability of information content, processes and systems.
- Accuracy: The degree of agreement between a particular value and an identified source that provides the correct value at a specific point in time.
- Consistency: The degree of agreement among repeated instances of the same information (occur in space, over time, and in relation to one another at the same point in time).
- Reliability: The degree to which information is complete, current, and verifiable.

Slide 12: Semantics Matter in the Information Age
WO C1805E190 0E
Date: July 23, 2003
Airline: World
Flight Number: 2555
Take off time: 1:00 PM [CST]
Scheduled Landing: 6:05 PM Eastern
Actual Landing: 7:00 PM Eastern
Percentage On Time Arrivals In Last: Month 55%, Six Months 65%, Year 75%
Average Minutes Late In Last: Month 42, Six Months 22, Year 24
If I take this flight, I will probably miss my dinner meeting because an increasing number of flights are late by an increasing margin. Maybe I should fly on a different carrier.
Information, Data, Knowledge, Wisdom

Slide 13: Basel II | Information Integrity Issues
Accuracy of Information
- Basel II requires accurate information about transactions.
- Basel II requires banks to have five (5) years of loss data. It requires use of external data.
- Basel II requires disclosed information to be accurate.
Challenges
- How to assure the accuracy of financial transactions? Are we confident of the end-of-day balance?
- The accuracy and completeness of external data provided by consortiums or third-party providers is not known; how can it be assured?
- How to assure the accuracy of the disclosure information?
Ref: “Information Integrity and Basel II” by Stephen M. Schoneman, Oct 2004

Slide 14: Basel II | Information Integrity Issues
Consistency of Information
- Basel II is very prescriptive for Credit Risk Management processes and data; not so for Operational Risk.
- Strong peer bank information sharing on approaches and issues associated with Operational Risk Management and Measurement.
Challenges
- Not enough guidance on Operational Risk from regulators.
- Concerns remain about comparability of data from bank to bank, especially related to Disclosure requirements.
- Consistency of the risk assessment process and interpretation of information across business lines.
Ref: “Information Integrity and Basel II” by Stephen M. Schoneman, Oct 2004

Slide 15: Basel II | Information Integrity Issues
Reliability of Information
- Banks will need to consider improving both arrangements for receipt of information from correspondents and the time they conduct their own reconciliations.
- Dependent on many managers adhering to risk management policies and practices.
- Disclosure (Pillar III) of Risk and Capital information to shareholders/public will be subject to external audit.
Challenges
- Need an approach for determining relevance of external data.
- Need system/s to capture, monitor, manage and report on loss events, key risk indicators, risk assessments, modeling, etc.
- Need a common language for addressing these issues.
Ref: “Information Integrity and Basel II” by Stephen M. Schoneman, Oct 2004; BIS, 1999

Slide 16: Agenda
- Regulatory Environment
- Enterprise Information Model
- Compliance through quality and integrity
- Key Benefits

Slide 17: Quality and I*I Integration

Slide 18: Several Concepts – Several Tools
- Quality Management
- Risk Management
- Control Management
- Information Integrity Management
- Six Sigma, Quality Circle
- Business Process Reengineering
- Integrity Risk Assessment
- Security Risk Assessment
- (COSO Enterprise Risk Management Framework)
- Risk Management Framework

Slide 19: Comprehensive Risk Management Approach
[Figure labels: Quality management; Integrity Management]
Ref: COSO Enterprise Risk Management Framework, 2004

Slide 20: Basel II | Use of quality tools and I*I tools

Op Risk Needs | Six Sigma Can Provide | I*I Can Provide
Identification of critical processes and activities | Hierarchical, process view of a business | Hierarchical, information flow view of a process
Monitoring of key indicators and warning of potential problems | Process Management & Control | Integrity risk management and control
Cure problems in existing processes | Process Improvement via DMAIC & Lean | Automated information controls
Prevention of problems for new processes | Process Design via DFSS | Process design through I*I lens

Ref: AON Inc., 2004

Slide 21: Basel II | Use of quality tools and I*I tools
[Figure labels: 6 Sigma and other tools; I*I, 6 sigma and other tools]

Slide 22: Agenda
- Regulatory Environment
- Enterprise Information Model
- Compliance through quality and integrity
- Key Benefits

Slide 23: Key Benefits
- Enterprise-based: The Enterprise Information Model embraces all major processes in the enterprise. One tool provides the total perspective.
- Process-Focused: Our approach is driven by a relentless focus on practical process understanding. As a result, we connect with management thinking and deliver practical integrity improvements.
- Effective/Efficient: We look at processes from both effectiveness and efficiency perspectives, thus broadening performance impact.
- Compliance-rich: Unitech is particularly suitable for supporting Sarbanes-Oxley and Basel II compliance initiatives. We provide internal control environment profiling.
- Generally adaptable: Unitech’s approach can be applied to ANY business process, yielding powerful insights into information integrity, as well as performance improvement potential.

Slide 24: More Resources